<?php
session_start();
header("Content-Type: text/html; charset=utf-8");
if($_POST['userName'] && $_POST['userPwd'] && $_POST['vcode']):
	if (strtoupper($_POST['vcode'])==strtoupper($_SESSION['VerifyCode'])):
		$name = addSlashes($_POST['userName']);
		$password = addSlashes($_POST['userPwd']);
		//SELECT id FROM `admin` WHERE userName = 'admin' and userpwd = '40bd001563085fc35165329ea1ff5c5ecbdbbeef'
		require_once 'dbClasses'.DIRECTORY_SEPARATOR.'config.php';
		require_once 'dbClasses'.DIRECTORY_SEPARATOR.'dbConn.php';
		$db = new dbConn();
		//$db->DB_NAME="admin";
		$db->sql = "SELECT id,nickName,type,userName FROM `admin` WHERE userName = '".$name."' and userpwd = '".sha1($password)."' and isActive = 1";
		if($db->doResult2()):
			$id = $db->doResult2();
			$_SESSION['userId'] = $id['id'];
			$_SESSION["type"] = $id['type'];
			$_SESSION['userName'] = $id['userName'];
			$_SESSION['nickName'] = $id['nickName'];

?>
		<script type="text/javascript">
			this.location.replace('index.php');
		</script>
		
<?php 	
		else:
			$act .= '&rs=3';
		endif;
	else:
		$act .= '&rs=2';
	endif;
else:
	$act .= '&rs=1';
endif;
?>
<script type="text/javascript">
	this.location.replace('login.php?status=lose<?php echo $act;?>');
</script>